Dear OAuth Working Group,
I would appreciate your review and feedback on the following Internet-Draft:
https://datatracker.ietf.org/doc/draft-ekahraman-oauth-attestation-authz-native-app/
This draft proposes an OAuth 2.0 extension that enables Authorization Servers
to consider attestation results associated with native applications when making
authorization decisions. The goal is to support authorization policies that
take into account the security characteristics and trustworthiness of the
application and its execution environment.
I would be grateful for any comments on the document, security considerations,
and whether this work addresses a problem that the OAuth WG believes is worth
pursuing.
Thank you for your time and consideration.
Best regards,
Efe Kahraman
_______________________________________________
OAuth mailing list -- [email protected]
To unsubscribe send an email to [email protected]
